mspack-tools-0.6-3.14.1 >  A ap9|3J 2i]BsBbQM3= f"؁R9Z;?îK0(jJHW2C a/EIB0m O#D6` umuS)-Ƴr&N=+ O$ZluT_-̥=W Ūթ`?yPҔHNDc4~ EB![s@HʙJT)=؀TCtV"hYJGvjjcb9a4c004cd538492d0295621eb31544ceea9cade864a227fd4d86d4d971cb9da6199fc3fd6b2875858af5553aab28daf389cf186ap9|X.CPA]&߻&z4-î|lgf[k<|#s#b(! i-:|𛒖cq ԧİ ^}1δ)J!Rvosi(8:ѩȇ`42Hl T~ް'!U1Lo F^s;2" Ųh>dZmW-i>5L|Xi!^}i'R8gK6zC%H>p>?d  S<@LPi     , 0 4DXl   (8 90 : FGHIXY\]^.b8cd]ebfelgu|vwxyz(8<BCmspack-tools0.63.14.1Library That Implements Different Microsoft CompressionsThe purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft. Currently the most common formats are implemented. This subpacke provides useful programs that make use of libmspack. * cabrip - Extracts any CAB files embedded in another file. * chmextract - Extracts all files in a CHM file to disk. * msexpand - Expands an SZDD or KWAJ file. * oabextract - Extracts an Exchange Offline Address Book (.LZX) file.aibs-arm-1"SUSE Linux Enterprise 15SUSE LLC LGPL-2.1https://www.suse.com/Productivity/File utilitieshttp://www.cabextract.org.uk/libmspack/linuxaarch64aaaaac6043fd406f90566272af445eb85c08f0f53fb218f866a983edce8ff240b342165d4019201e1625715178fc97a432b9ee661e35afe9016a55bd39aaeda96116fdcc7648aeecac92116b480dc9cf896242bb162813688fe626f123e333cd065eb2ee09e0f9c8fc70116d96e0d12d78eaf86f5436ad3ff54ca33afd71ed3960earootrootrootrootrootrootrootrootlibmspack-0.6-3.14.1.src.rpmmspack-toolsmspack-tools(aarch-64)@@@@@    ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libmspack.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1aՈ@`]\[ZaZ]@Z]@Z\T\@TD@TC@danilo.spinella@suse.comdanilo.spinella@suse.comkstreitova@suse.commcalabkova@suse.commcalabkova@suse.comadam.majer@suse.dejengelh@inai.demardnh@gmx.demardnh@gmx.desbrabec@suse.czp.drouand@gmail.comsbrabec@suse.cz- chmextract.c add anti "../" and leading slash protection to chmextract (CVE-2018-18586.patch, bsc#1113040) * cve-2018-18586.patch- There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (CVE-2018-14679, bsc#1103032) * libmspack-CVE-2018-14679.patch - Bad KWAJ file header extensions could cause a one or two byte overwrite (CVE-2018-14681, bsc#1103032). * libmspack-CVE-2018-14681.patch - There is an off-by-one error in the TOLOWER() macro for CHM decompression (CVE-2018-14682, bsc#1103032). * libmspack-CVE-2018-14682.patch- add libmspack-0.6alpha-CVE-2019-1010305.patch to fix a buffer overflow in chmd_read_headers(): a CHM file name beginning "::" but shorter than 33 bytes will lead to reading past the freshly-allocated name buffer - checks for specific control filenames didn't take length into account [bsc#1141680] [CVE-2019-1010305]- Enable build-time tests (bsc#1130489) * Added patch libmspack-failing-tests.patch- Added patches: * libmspack-resize-buffer.patch -- CAB block input buffer is one byte too small for maximal Quantum block. * libmspack-fix-bounds-checking.patch -- Fix off-by-one bounds check on CHM PMGI/PMGL chunk numbers and reject empty filenames. * libmspack-reject-blank-filenames.patch -- Avoid returning CHM file entries that are "blank" because they have embedded null bytes. * (the last two patches were modified by removing unneeded part in order to make them more independent) - Fixed bugs: * CVE-2018-18584 (bsc#1113038) * CVE-2018-18585 (bsc#1113039)- Correct mspack-tools group to Productivity/File utilities- Correct SRPM group.- Fix typo- Update to version 0.6 * read_spaninfo(): a CHM file can have no ResetTable and have a negative length in SpanInfo, which then feeds a negative output length to lzxd_init(), which then sets frame_size to a value of your choosing, the lower 32 bits of output length, larger than LZX_FRAME_SIZE. If the first LZX block is uncompressed, this writes data beyond the end of the window. This issue was raised by ClamAV as CVE-2017-6419. * lzxd_init(), lzxd_set_output_length(), mszipd_init(): due to the issue mentioned above, these functions now reject negative lengths * cabd_read_string(): add missing error check on result of read(). If an mspack_system implementation returns an error, it's interpreted as a huge positive integer, which leads to reading past the end of the stack-based buffer. This issue was raised by ClamAV as CVE-2017-11423 - Add subpackage for helper tools - Run spec-cleaner- Remove problematic libmspack-qtmd_decompress-loop.patch (bnc#912214#c10). Version 0.5 has a correct fix dated 2015-01-05.- Update to version 0.5 * Please read the changelog; too many things to list- Fix possible infinite loop caused DoS (bnc912214, CVE-2014-9556, libmspack-qtmd_decompress-loop.patch).ibs-arm-1 16415497160.6-3.14.10.6-3.14.1cabripchmextractmsexpandoabextract/usr/bin/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22325/SUSE_SLE-15_Update/6e0c48d65487ba03676ae772ed09c42b-libmspack.SUSE_SLE-15_Updatecpioxz5aarch64-suse-linuxELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=b91b627a2690523b69d49a4055ac57a60a0813f8, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=cfd555ab2e474f40b095f6e9f028894467fe18aa, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=df24af504d19ac4b2043527169c75059411519dc, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=2724d74735075bcde2f888ecfa4caf5167bf6435, for GNU/Linux 3.7.0, stripped RRRRRRRRRRRRRRRR]p9#\F utf-8e56b106f422393ce6d9b10a130283243d4b258c4212d3e56ea85b333564a09bf? 7zXZ !t/%G] crv9w58quvt0@i>"j^q“hZ[촨ʓeRW,"1}m> ?|QZexw/(t߳|u :*ݴ#K qc"/\W;)[X.O ˈfMK#[m"r>@lnF|m6tr% n-FLEjv ؄ĄgYI_ij#ڎȃ3w T4 VM'Rw9溗En{1"k)8mdv lnK32xMK_OBYTIЦyK$?Ųsph6Tziaۏ69Ն3#qAsd6HD>8K(CVHrheL;ɧzq`{f}{APu h87ȈxeM&wIk !xqԐ3cxmoR ;6;W8tזyj6pZ Fc֦(HGM0O9fxUu(y6mhtvX d^ˋu{ހHRG2Mb,jla?  KֹC\ zW@PƜ-oD(>,9)(f?&V(S}#KAz v$0pd44v.PPY'Ʉ~(x5,ٷW)sx~DǩJeQܻO"@Qؠ^|8krpۺ]R''Aljy ),J>F>+"&7>nֿyh>Py:dWV_LUP27 cg_yH%{[f#/Q:X=GnЊA8FFo1:*z & 56)5\3D<-J*-U&H$tE :)O ]XX33KE&{7FeԌ%Q mAQ-$(ɳK̒+V&|~1+ยjKVh6BܷLN ˡn`R ĥ7u"'+v+ؖƟ WJ/С =ʔ‰s9Q_+NJQILPi$ۘFwcG2 1^ehBIcN &JUD]/bmfD؊ c6?VO;gG/"BQ6(%'rF$9VЍ3/ւe_dnhnHLC6 D~ #efmp{$0@R/1@\4D{-c6CCźbK`D+7x7בRG'MZqd3 \[8kB#Ilܼ+-̂ nUF9ccKNev,P*t0I8}#_ zpC%WGc$)v xfMmހ@7Nqh| }W)h4TN=2\x}!h ʞM*؄_j&F'ӪwG2S)vRoׁ0EC Y"R4 u Ҭ5m<a.|/˴6AGq%pAû_8[DzBPR5tl~F*uhƤar5mt i?jL:< nFrY/K4 O`tzב3h2QGt]<)-VݰQ*5}!7J(.ޤ>gx1g_va\%R͸VbDNt.>Tɥ.P*Ҩ@k}dM `}[kB<'rP\I* psX'we:Ρ{2 jGjmsHq?WtqWQ4$GO2EE@jY2ڃ*%5!_32?N K1 $h`N_Ps";Q@/F󊯃$8Z>bS"[3ESTnήʯ+Ś`lesi'oD.C Tl8vDZ‚UEZ+|KZFзGuJCO:6Vg~ !Hi?ZY6p(#&U&Xu5P:L0b#ixC{wc ybH! FH63vݿ a6ÿg9E4s 2G˕ F& (j .QCJ=)u`Rb8CiQex.$MK c@%QhFm$+"s@at1$SU RvWFKe4GZ(Op Y6&$]y,q,e[qH}n,ܔ!0GOpjG27јY {!٥g;5KWM[جϨiikv5J@fcuBZjP# CW {&Pܟ/  z]Cz OGljze%F5 0 4HtXEp+.Ğ {ϳӶ# se~DXArXj[g܌1ޠOsN7uyߐ9% $+@J}Xhk PqW9fvrkkk$}qyϗxcnzvvy&Xܣw'8a)[2Owt\Oʪ+LIhk8U3%j*yYIszz$$DzP7sl7 _ՎcԴ尀vX+:;9e7tO%Y+@(rUzA2 wEtOi D56vz8 aLM"gV޻%?!=ph hyM6TmK.#.Whht^=}|㵕llQmWϘ, vlݻ)fƨD_/dh8j4Zuj%UY 9dn뤎8 b+3Uש8B^dXKA ʲCY(u*;k}kı%8&`v?/WҐK0H `WOɲ9OMmbxεYP&a]ۻY.Dc1ӳe50Ț(޺ msrV1VB rȓu+ H2 K7hIi2ava.!雗fLi iʼn!m~΅~.' @UW-rln >YT!4S0P) dpgGVJIn pw=l,aY/ ۄ2]q9778t\)u2JypAm#!z{kV(ę j\arʢݰvfsͦlnuZPvmaS-[^LS  fH' FK$Zvd:Cod2{4RxVMmlY^WjHG n eaY.M3KnL>+%Yjk,3˙*-u;OHDtHG@$.MPJϬO_l%`(dGڃTmx%(n2~s}S5eIn: nJl/s* 켱Z]\ڈ#z6>sXmT$i v|g6)V2ޚ;=c~=Zk _Uu_ k\7LgG(4M} l:!snE.b4ӓ0?]UٖYOB"N^b:,Pڽ&#62*\*s/4z]e5wԱY^֛;{󫬚-1<{UnU  QͩHN'5¿gJh*wV$'0ڮ!Aimqz*; Iu~uB ב꟝ F {2aJԽ O-eEQn’ 57+ :nݣ'}?ژ{Yvv(t`)YORP‹E];0ՓŮ$ kXRd.r?aJJB~^4eV:yP%lsCgO5^?.LޝވyOC~Q%MI;Z>q[`en=RZ^=m!|eb/J9k}Qw } F_=0}AKx~m+Ǖ cJ d[`ǛBN`{ B8(Ռ'rn88%ZqNYћkM;V1"GR<1Ȃ\$X#'O%Z޼Um`ZeW=MxkΗ֔",̗ő=evˎE/z{@P* y[gTlypYVک<ޏ`䐶l-x~qu'Cѓɒj3K xB F,$dys)e|nr!m|m5 QOi(q.L s=ۄO7;&-=;Pr]c _ 7O0`4/տBUo3?M߷w}?k%)kRoMI8Wn@J^\e١q_ڋ#:Z(~B#'PZzovc0 0H)HZK!!gYr2eV)DBp{&4gkpW0!@@>[C95‚z=$MզW 'b41m:lʙCUYHj>:D2΢ޜH_5PD2Q_L5ܤU\ z4~3_bs*fzEoq]qE;y-rA̒eɋ79epJcֲ̥i4BĶ YZ